General
- Target: 2b576ef794d567abd0bc1bade2aeee658b279c44fa9faafe05f959612bb7dd05
- Size: 695KB
- Sample: 241113-zm2mqsyhnq
- MD5: 8baffb2489069b083dab9ae9a8553318
- SHA1: 98ab14ef96f3cbda8c19b0f4bfc918f75e235a76
- SHA256: 2b576ef794d567abd0bc1bade2aeee658b279c44fa9faafe05f959612bb7dd05
- SHA512: fce01c9cecf4e6cebebee581dd4be7546cf49b34b905b5843001688d4b383a18c2f509bb0e10f4dec29247c67778de8fc396cac5cc6d21492d31b180bb49b40b
- SSDEEP: 12288:ny90t7V3B9m0jqDGut2uP28QSZRhuuHC0iDye7nOc4bDg:nyc7VRo0jyGutfxjvrle7nOTfg
Static task: static1
Behavioral task: behavioral1
- Sample: 2b576ef794d567abd0bc1bade2aeee658b279c44fa9faafe05f959612bb7dd05.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 2b576ef794d567abd0bc1bade2aeee658b279c44fa9faafe05f959612bb7dd05
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)